Conversation

Notices

1. marius (mariusor@metalhead.club)'s status on Thursday, 30-Jan-2025 07:10:16 JST marius

   • silverpill

   @julian @silverpill I have a stupid validator that iterates through ed25519, rsa-512 and rsa-256 methods and succeeds on first. :D

   • silverpill (silverpill@mitra.social)'s status on Thursday, 30-Jan-2025 07:10:14 JST silverpill

     in reply to

     @mariusor Do you know any actors that use ed25519 signatures?

     I want to support this algorithm too, but don't know where to test my implementation

     @julian

   • silverpill (silverpill@mitra.social)'s status on Sunday, 09-Feb-2025 04:41:27 JST silverpill

     in reply to

     @mariusor Thanks.

     My instance now supports EdDSA HTTP signatures. Could you send me some activity from this actor to verify? I already sent a Follow, but it was signed with my RSA key

   • marius (mariusor@metalhead.club)'s status on Sunday, 09-Feb-2025 04:41:29 JST marius

     in reply to

     • silverpill
     • clothoed

     @silverpill this one: @clothoed

     https://federated.id/actors/a1517c06-7131-4437-84b0-025837e9da39

     @julian

   • silverpill (silverpill@mitra.social)'s status on Sunday, 09-Feb-2025 06:37:43 JST silverpill

     in reply to

     @mariusor I was able to pull this activity. But it didn't work when you pushed it.
     The error is about invalid actor object. Maybe something is wrong with keyId parameter, I'll check that.

   • marius (mariusor@metalhead.club)'s status on Sunday, 09-Feb-2025 06:37:44 JST marius

     in reply to

     • silverpill

     @silverpill the Activity is https://federated.id/activities/22fe7abd-73d2-4508-acbc-ee683be6a3df

   • marius (mariusor@metalhead.club)'s status on Sunday, 09-Feb-2025 06:37:45 JST marius

     in reply to

     • silverpill

     @silverpill I corrected the actor IRI, but it still didn't work:

     It looks like mitra rejected the signature of that actor.

     https://paste.sr.ht/~mariusor/fa27a9703463f68476e24574b0aa9ca9a76f59f1

   • marius (mariusor@metalhead.club)'s status on Sunday, 09-Feb-2025 06:37:47 JST marius

     in reply to

     • silverpill

     @silverpill sadly it didn't make it to you:

     Feb 08 21:46:12 DBG Starting dissemination to remote collections. log=processing
     Feb 08 21:46:12 WRN Request did not meet this resource's requirements. iri=https://mitra.social/@silverpill/inbox log=client status="405 Method Not Allowed"
     Feb 08 21:46:12 WRN Unable to disseminate activity invalid status received: 405 log=processing
     Feb 08 21:46:12 INF Pushed to remote actor's collection https://mitra.social/@silverpill/inbox log=processing
     Feb 08 21:46:12 DBG Finished dissemination to remote collections. log=processing
     Feb 08 21:46:12 INF All OK! log=fedbox

   • marius (mariusor@metalhead.club)'s status on Sunday, 09-Feb-2025 06:37:48 JST marius

     in reply to

     • silverpill

     @silverpill

     https://federated.id/activities/6191a096-ca31-4ae7-8b3c-c7db9c6aae2b

   • silverpill (silverpill@mitra.social)'s status on Monday, 10-Feb-2025 05:51:04 JST silverpill

     in reply to

     @mariusor It is not invalid, just unusual.

     I enabled detailed logging on my server and posted an activity via C2S API as you suggested.

     It appears that POST requests are signed by https://federated.id/#main. My server tries to load the https://federated.id/ actor and rejects it because it doesn't have a preferredUsername property (not required by AP, but very common and my server needs it). My server also expects signing key to be owned by activity actor, but I can change that if needed (same origin is ok). Finally, https://federated.id/#main is an RSA key :)

   • marius (mariusor@metalhead.club)'s status on Monday, 10-Feb-2025 05:51:05 JST marius

     in reply to

     • silverpill

     @silverpill invalid actor on my side or on yours?

   • silverpill (silverpill@mitra.social)'s status on Wednesday, 12-Feb-2025 04:05:25 JST silverpill

     in reply to

     @mariusor Wonderful, thank you. Tested again, now the signing key is Ed25519 and the signature is valid.

   • marius (mariusor@metalhead.club)'s status on Wednesday, 12-Feb-2025 04:05:27 JST marius

     in reply to

     • silverpill

     @silverpill I changed the logic of fetching keys to use the same actor as the one sending the S2S activity.

     ....aaaand added a preferredUsername on the instance actor - which shouldn't affect you any more.

   • marius (mariusor@metalhead.club)'s status on Wednesday, 12-Feb-2025 04:05:28 JST marius

     in reply to

     • silverpill

     @silverpill guilty on all charges.

     1/ signed by the instance actor - to decouple key verification from processing the activities (and add a modicum of anonymity on behalf of whom the request is done)
     2/ No preferredUsername because naming things is hard (and the instance is named through its url)
     3/ mixed keys, well, I changed the instance key to mastodon compatible a while back